2898cb7724546579022e85a86b222cc4caf739ea4b325a50f24512e4145f2f92 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2898cb7724546579022e85a86b222cc4caf739ea4b325a50f24512e4145f2f92
Size

460KB
Sample

230317-dam3xsga6w
MD5

f35d8958edaab270d6c621bb96e395fc
SHA1

194f85bfcfae0f3c0ce55af40266c3fbed0ac245
SHA256

2898cb7724546579022e85a86b222cc4caf739ea4b325a50f24512e4145f2f92
SHA512

98ece933074eace66440cb9c8f554de417a6b71470804bf9c1a328c53b2b3fa239bd13585ccf52951db331f98410f4da115539166cab59cc40afffe537587fde
SSDEEP

12288:M9podLzMGtJXh2W0skbWd/2fvfwqk0Z4XE75VmiGU1:CpodLQgXhxYbVfvfwo9d

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2898cb7724546579022e85a86b222cc4caf739ea4b325a50f24512e4145f2f92
- Size
  
  460KB
- MD5
  
  f35d8958edaab270d6c621bb96e395fc
- SHA1
  
  194f85bfcfae0f3c0ce55af40266c3fbed0ac245
- SHA256
  
  2898cb7724546579022e85a86b222cc4caf739ea4b325a50f24512e4145f2f92
- SHA512
  
  98ece933074eace66440cb9c8f554de417a6b71470804bf9c1a328c53b2b3fa239bd13585ccf52951db331f98410f4da115539166cab59cc40afffe537587fde
- SSDEEP
  
  12288:M9podLzMGtJXh2W0skbWd/2fvfwqk0Z4XE75VmiGU1:CpodLQgXhxYbVfvfwo9d
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1